A method for protection of cloud computing includes homomorphic encryption of data. Partially or fully homomorphic encryption allows for data within the cloud to be processed without decryption. A partially or fully homomorphic encryption is provided. The proposed scheme can be used with both an algebraic and analytical approaches. A cloud service is implemented on a server. A client encrypts data using fully homomorphic encryption and sends it to the server. The cloud server performs computations without decryption of the data and returns the encrypted calculation result to the client. The client decrypts the result, and the result coincides with the result of the same calculation performed on the initial plaintext data.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A system for protected cloud computing to provide a cloud service, the system comprising: a server receiving encrypted data from a client; and the cloud service implemented on the server performing fully homomorphic calculations for the client without decryption of the encrypted data and providing a result of the calculations to the client for decryption, wherein: a finite set of initial elements are generated on the client and are fully homomorphically encrypted into a set of n encrypted elements, such that all calculations on unencrypted elements correspond to the same calculations on encrypted elements, the n encrypted elements belong to the finite set of the initial elements and each of the n encrypted elements has only one corresponding initial element, and the initial elements are encrypted using an n-bit secret key z 0 that belongs to a Galois field G(2 n ), and for any initial element u of a Galois field G(2 n ) there are n randomly generated elements a1, a2, . . . , ad of G(2 n ) for which a 0 =u−(a 1 z 0 +a 2 (z 0 ) 2 +. . . +a d (z o ) d ), and a polynomial v(z)=a 0 +a 1 z+a 2 z 2 +. . . +a d z d from a Galois field G(2 2 )[z] corresponds to u with v(z)=u, with the coefficients a d used as a public encryption key, and wherein the encryption uses an encryption polynomial h(z)=u+(z−z 0 )*r(z) where r(z) is an arbitrary polynomial from the Galois field G(2 n )[z], and z 0 and u are fixed elements of the Galois field G(2 n )[z].
2. The system of claim 1 , wherein Galois field elements are used as the initial elements.
3. The system of claim 2 , wherein the Galois field elements are prime numbers.
4. The system of claim 2 , wherein the Galois field elements are vectors.
5. The system of claim 2 , wherein the Galois field elements correspond to real numbers.
6. The system of claim 1 , wherein an operation on any pair of the encrypted elements produces an encrypted element belonging to the set of the encrypted elements.
7. The system of claim 1 , wherein a result of the calculations performed on the server is encrypted and the decryption requires the secret key z 0 .
8. The system of claim 1 , wherein a reverse transformation uses a decryption algorithm and the secret key z 0 , and for any initial element u of the Galois field G(2 n )[z], there are n randomly generated elements a 1 , a 2 , . . . , a d of the Galois field G(2 n )[z].
9. The system of claim 1 , wherein each operation on the encrypted elements has only one corresponding operation on the initial elements, and the operation produces a resulting initial element corresponding to the resulting encrypted element.
10. The system of claim 1 , wherein the encrypted elements are polynomials, and all operations, including any multiplication operations, are performed on the encrypted elements without increasing a degree of the polynomials.
11. The system of claim 1 , wherein the encrypted elements are polynomials, and all operations, including any multiplication operations, are performed on the encrypted elements and result in polynomials having a degree no higher than original polynomials.
12. The system of claim 1 , wherein the encrypted elements are polynomials, and all operations, including any multiplication operations, are performed on the encrypted elements and result in polynomials having a degree that is a constant known prior to the operations.
13. A computer-implemented method for protected cloud computing to provide a cloud service, the method comprising configuring at least one computing device to perform the functions of: the cloud service implemented on a server to perform calculations for a client, wherein the server performs calculations without decryption of encrypted data and provides a result back to the client, such that the client can decrypt the result; generating a finite set of initial elements on the client and fully homomorphically encrypting the finite set of initial elements into a set of n encrypted data elements, such that all calculations on unencrypted elements correspond to the same calculations on encrypted elements, transmitting the n encrypted data elements to the server; wherein the n encrypted elements belong to the finite set of the initial elements and each of the n encrypted elements has only one corresponding initial element on the server receiving encrypted data from the client, wherein the initial elements are encrypted using an n-bit secret key z 0 that belongs to a Galois field G(2 n ), and wherein, for any initial element u of a Galois field G(2 n ) there are n randomly generated elements a1, a2, . . . , ad of the Galois field G(2 n ) for which a 0 =u−(a 1 z 0 +a 2 (z 0 ) 2 +. . . +a d (z 0 ) d ), and a polynomial v(z)=a 0 +a 1 z+a 2 z 2 +. . . +a d z d from G(2 n )[z] corresponds to u with v(z 0 )=u, with the coefficients a1, a2, . . . , ad used as a public encryption key, and wherein the encryption uses an encryption polynomial h(z)=u+(z−z 0 )*r(z), where r(z) is an arbitrary polynomial from a Galois field G(2 n )[z], and z 0 and u are fixed elements of the Galois field G(2 n )[z].
14. The method of claim 13 , wherein the coefficients are generated from a random number k, with 2<k<n, and a secret set of elements s ij εGF(p n ) i=1, 2, . . . , k, j=k+1, . . . , n, which are the same for the session, for both client and server, wherein p is a prime number, and wherein the coefficients a 1 , a 2 , . . . , a k are selected based on a i =s i1 a k+1 +s i2 a k+2 +. . . +s id a d , i=1, 2, . . . , k, and the coefficients a k+1 , a k+2 , . . . , a n are randomly selected.
15. The method of claim 14 , wherein p=2.
16. The method of claim 15 , wherein p elements λ 1 , λ 2 , . . . λ p of any Galois Field and the polynomial r(x) of a degree k are used to generate a polynomial s(x) of a degree k+p, s(x) in a form of s(x)=(x−λ 1 )(x−λ 2 ) . . . (x−λ p )r(x); element λ 0 is selected from the set λ 1 , λ 2 , . . . λ p and is used as the secret key; u being the data on which server operations are performed using a polynomial f(x)=a 0 +a 1 x+a 2 x 2 +. . . +a k+p−1 x k+p−1 of a degree k+p−1, such that u=f(λ 0 )=a 0 +a 1 λ 0 +a 2 (λ 0 ) 2 +. . . +a k+p−1 (λ 0 ) k+p−1, wherein u and s(x) are transmitted to the server, all calculations are performed in the ring GF(2 n )[x]/s(x), and a degree of any resulting polynomial is no higher than k+p−1.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
December 9, 2014
December 15, 2015
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.